0

I'm doing a rollout of new machines with Windows 7 this summer, and moving all the clients in my department from XP to Windows 7. The domain controller is running 2k3 Server SP2.

Most of the Group Policy I need is already there in GPMC, but there are some Windows 7-specific settings (e.g., BitLocker settings, UAC) that I can't set from the DC. I've read in a few documents that it's possible to manage these settings from the 2k3 server (if I configure them from a Win7 client?) but I haven't been able to find any good documentation on how this is actually done.

I've tried installing RSAT on a Windows 7 client, but it doesn't seem to want to talk to the DS. As far as I know, the DS is configured to accept remote management connections.

aaronbeekay
  • 3
  • 2

1 Answers1

1

Win7 / 2008 R2 settings are not going to exist in your AD schema unless you extend it to the 2008 R2 level (unless MS did something very uncharacteristic, and I didn't hear about it).

They don't typically discourage people from upgrading their DC OS by putting work into adding features to the old version.

Chris S gives an overview of the process here. Some great points here, with fringe case info.

FWIW, my dcpromos have all been uneventful, but then again, I'm very careful about running those tests and making sure any errors are cleared up beforehand.

Community
  • 1
Kara Marfia
  • 7,892
  • 5
  • 33
  • 57
  • Right, that makes sense. Perhaps what I'm asking is how to extend my schema. Is that a possibility? – aaronbeekay Sep 08 '10 at 17:39
  • Definitely. It's a very simple process, though it's important to be backed up and prepared to rebuild your AD if something horrible should happen. I'll add some links above. – Kara Marfia Sep 09 '10 at 12:23